Bug#826646: Incorrect handling with initial_cwd variable
Andreas Metzler
ametzler at bebt.de
Sat Jun 11 13:21:25 UTC 2016
On 2016-06-10 Серж ИвановЪ <evasive.gyron at gmail.com> wrote:
> Our friends at Ubuntu released initial_cwd security patch correctly from
> the start.
> Here is a relevant change log:
> http://changelogs.ubuntu.com/changelogs/pool/main/e/exim4
> /exim4_4.82-3ubuntu2.1/changelog
> "debian/patches/CVE-2016-1531-4.patch: delay chdir(/) until we opened the
> main config."
> Some feedback would be greatly appreciated.
Thanks for the pointer, I will try to get a fix approved for the next
oldstable release.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-exim4-maintainers
mailing list